This should hopefully fix the Python3 build on buildbot.
For a while I assumed it may be a build-bot issue, but
then looking through the packages repo [and finding
the bluez package] it looks like, if you try
to build all packages, Python3 detects the bluetooth
headers installed by bluez.
It looks like Python's bluetooth support was somewhat
broken ; it was not detecting the <bluetooth/bluetooth.h>
header, so a backport from Python3 to Python fixed that.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Two important configuration files, /etc/php7-fpm.conf and
/etc/php7-fpm.d/www.conf are silently overwritten on each php7-fpm
upgrade or lost on a sysupgrade.
This commit adds the conffiles section for php7-fpm and revises
the conffiles section for php7.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
Just about everything needs extutils to be built. But very little
requires it to run.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
It seems that Inline::C evaluates to undef which is problematic, so
we need to handle this better.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
This package contains "ldbus": LUA bindings to interact with the DBUS
message bus, and services connected to it.
See https://github.com/daurnimator/ldbus
for more details.
Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
There are scripts to download and preprocess the GeoIP database
for iptables-mod-geoip which require this Perl module.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
There are a few packages which mysteriously fail during the configure
stage. Give us better means of understanding why.
Also, some Makefile.PL's have "use" statements which reference
files which are in or under ".".
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
5.26.1 introduced default_inc_excludes_dot which is causing
perl-html-tags and possibly other modules to fail. Add explict
dot back when invoking module's ./Makefile.PL.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Required changes:
* Add qualifying '.' to scripts or to @INC, as appropriate since we're
enabling default_inc_excludes_dot;
* Add new platform/library definitions like double-double format and
locale library functions/headers;
* Delete patch 020 as it's been upstreamed;
Optional changes:
* Instead of using -@rm and having that fail, emit an error message,
and be ignored, just use @rm -f instead which will always succeed.
Security
[CVE-2017-12837] Heap buffer overflow in regular expression compiler
Compiling certain regular expression patterns with the case-insensitive
modifier could cause a heap buffer overflow and crash perl. This has
now been fixed. [perl #131582]
[CVE-2017-12883] Buffer over-read in regular expression parser
For certain types of syntax error in a regular expression pattern, the
error message could either contain the contents of a random, possibly
large, chunk of memory, or could crash perl. This has now been fixed.
[perl #131598]
[CVE-2017-12814] $ENV{$key} stack buffer overflow on Windows
A possible stack buffer overflow in the %ENV code on Windows has been
fixed by removing the buffer completely since it was superfluous anyway.
[perl #131665]
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
The standard way to pass -rdynamic (or -Wl,--dynamic-export) is via
the $ccdlflags variable. Do what is best practice.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Originally as PR #2383 but rewritten.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Alexander Ryzhov <openwrt@ryzhov-al.ru>
That way some python packages can choose
to keep their egg-info dirs, if they want to, or they're needed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The FPM SAPI works fine without the CGI SAPI installed. It seems that
this is a copy & paste error introduced a long time ago, when FPM support
was added - and nobody noticed.
So drop the dependency now to allow smaller footprints on installations
which only use FPM.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This release contains some security fixes.
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
CVE-2017-14064: Heap exposure in generating JSON
Multiple vulnerabilities in RubyGems
Update bundled libyaml to version 0.1.7.
And many other bugfix.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Not sure how it can happen that the files are not
installed via the host build.
Maybe some SDK-like build.
Let's make sure they are installed via InstallDev rule too.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The host pip install should have the host's CFLAGS, LDFLAGS, etc
available.
And not the target's flags.
Otherwise, weird things can happen when installing
packages (host-side) that need to build C code.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
This build script supports both Python 2.x (python-evdev) and 3.x (python3-evdev)
From the README:
This package provides bindings to the generic input event interface in Linux.
The evdev interface serves the purpose of passing events generated in the kernel
directly to userspace through character devices that are typically located in /dev/input/.
This package also comes with bindings to uinput, the userspace input subsystem.
Uinput allows userspace programs to create and handle input devices that can inject
events directly into the input subsystem.
Signed-off-by: Paulo Costa <me@paulo.costa.nom.br>
Unfortunately python-cryptography (after version 2.0.<something>)
decided to replace `pyasn1` with `asn1crypto`.
Unfortunately `pyasn1` is needed for another package,
so it can't be dropped just yet.
Not sure if dropping it would bother people.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This fixes several CVEs:
- in mbstring: CVE-2017-9224, CVE-2017-9226, CVE-2017-9227,
CVE-2017-9228, CVE-2017-9229
- in gd: CVE-2017-7890
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
And drop the host-build.
This was needed, simply to cross-build the package.
I'm not a religious man, but "praise the lord" for
dropping this :D
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
To install Python packages host side, that
may be needed for a build.
The intent, is to try to reduce host-side Python
packages being installed via LEDE/OpenWrt build system.
Because those seem like a pain to maintain.
The idea is adapted from Yousong's `python-packages`
package.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Depending on execution order the `python-package-install.sh`
script would return a non-zero err code.
So, this enforces that all commands in the script
don't fail (via the `set -e` directive).
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
auto-endian auf UTF-16 doesn't work with all drivers, some fail to
interpret the byte-order-marking. Hence explicitely use UTF16BE on
big-endian systems and UTF16LE otherwise.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Flask is a microframework for Python based on Werkzeug, Jinja 2 and
good intentions. And before you ask: It.s BSD licensed!
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Python3 variant was working fine.
Also add add PACKAGE_python-pyodbc conditional depend for python packages
Otherwise, both Python & Python3 interpreters get built,
even tho only one variant is selected.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
And depend on python-light only if python-lxml is selected.
Same thing for python3-lxml.
Otherwise, this builds both Python & Python3 intepreters.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Similar to LEDE/OpenWrt's Build/Compile/Default rule,
and other similarities like this.
This should allow Python packages to define
PyBuild/Compile rules to do specific stuff per
package.
The advantage of using these (over just overriding
Build/Compile) is the VARIANT mechanism that is
in place to support packaging both for Python & Python3.
So, PyBuild/Compile will get picked up for the Python
variant build, and Py3Build/Compile will get picked
up for the Python3 variant build.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Fixes: https://github.com/openwrt/packages/issues/4548
When running parallel jobs, there are chances
that the Build/InstallDev rule may run before
the Host/Install rule and fail the build.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
If you build python/python3 and later decide to build
python(3)-setuptools and/or python(3)-pip, the build won't
re-run without adding `CONFIG_PACKAGE_python(3)-setuptools`
and `CONFIG_PACKAGE_python(3)-pip`.
Seems to resolve issue:
https://github.com/openwrt/packages/issues/4529
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Seems it's called underlinking that's happening only
on Ubuntu 12.04 with libressl (that comes from LEDE's
tools folder).
Link here:
https://ubuntuforums.org/showthread.php?t=1870586
I'm still reading about this a bit.
Since I don't really get it.
But applying that fix (as in the link) seems to fix compiling
on Ubuntu 12.04, and tried also on 16.04 (to make sure).
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The Build/InstallDev rule is activated only for target builds.
But if someone needs only the host Python, then
these files need to be installed in this phase, and not Build/InstallDev
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
